CISSP Practice question #6

Why would we use a RTM in software testing?
A: To ensure we are secure.
B: To test for malformed input.
C: To map requirements to the testing plan.
D: To test the code while executing it.

CBK 6: Security Assessment and Testing
Source: practice tests


C: TM/RTM (Requirements Traceability Matrix): Normally a table, used to map customer requirements to the testing plan using a many-to-many relationship comparison. A requirements traceability matrix may be used to check if the current project requirements are being met, and to help in the creation of a request for proposal, software requirements specification, various deliverable documents, and project plan tasks.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

You may also like


    1. RTM is used widely in project management (in this case software), it is a requirements traceability matrix, think of it as an excel document, where each row is a requirement the software must fulfill and the columns are the check to ensure it did meet that requirement.
      When we test the software we know to test for instance:
      Requirement Ensure input validation and type.
      We would then test if we could only a certain length of input and only a certain type (for instance numbers only).

Leave a Reply